On Thu, Oct 12, 2017 at 10:24:46PM +0100, steve-ALUG@hst.me.uk wrote:
On 12/10/17 14:15, Phil Thane wrote: [snip]
I think I'm going to have to start from scratch though, somehow I've managed to lock myself out of Nextcloud and can't get back in without the MariaDB/SQL details, which were on a piece of paper that disappeared when we moved house!
hope you fix it.
[snip]
The SSH X thing looks useful, not seen that before, I'll give it a go. Thanks.
SSH -X *IS* useful, BUT, it is regarded as a security risk. You have to specifically edit your sshd config file to allow it.
Only a risk if you allow ssh from outside, within your own LAN, presumably, all users are trusted.
A quick google found this https://security.stackexchange.com/questions/14815/security-concerns-with-x1... however there may be many more. Google "ssh x11 forwarding risk" or similar. (The -X means x11 forwarding.)
If you're inside a secure network and your client is as secure as your server, I wouldn't have thought that there was a problem, but I think the consensus is that it could be, which is why it's disabled by default.
It's surely only if the 'local' network that you can ssh around has lots of users who shouldn't be able to access each others files/systems.